Installation Fails with Patched Database

Article Applicability The issue documented on this KB is only relevant to Veeam Backup & Replication versions prior to v10. Starting with v10, a different error occurs for the same reason and is documented on KB4204. Challenge When installing Veeam Backup & Replication, selecting an existing...

German ERP Sage Office Line Privilege Escalation

Security Vulnerability in German ERP system "Sage office Line" Recently, I discovered a Securtiy Security Vulnerability in the German ERP system "Sage office Line", created by German branch of the UK-based Sage Group. The Software is sold in Germany, Austria and Switzerland. According to their...

CVE-2013-4313

Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string...

Sql injection

Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string...

CVE-2013-4313

Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string...

CVE-2013-4313

Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string...

CVE-2013-4313

The CVE-2013-4313 issue affects Moodle up to versions 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2, where the application does not neutralize null bytes ('\0') in query strings. This can enable remote attackers to perform SQL injection against Microsoft SQL Server via a ...

Completely remove WSUS 3.0 approach-vulnerability warning-the black bar safety net

Upgrade the domain controller or demote a domain controller, wsus services usually fail, only by hand to completely remove wsus3. 0 and then re-install, the following is the result of several attempts later summed up the detailed operation of the steps of: 1, the...

Fedora Update for WebCalendar FEDORA-2013-13484

Check for the Version of WebCalendar OpenVAS Vulnerability Test Fedora Update for WebCalendar FEDORA-2013-13484 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

[SECURITY] Fedora 19 Update: WebCalendar-1.2.7-1.fc19

WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. MySQL, PostgreSQL, Oracle, DB2, Interbase, MS SQL Server, or ODBC is required. WebCalendar can be setup in a...

Lianja SQL db_netserver Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in Lianja SQL Server...

CVE-2013-3563

Stack-based buffer overflow in dbnetserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted string to TCP port 8001...

CVE-2013-3563

Summary: CVE-2013-3563 refers to a stack-based buffer overflow in the db_netserver component of Lianja SQL Server prior to 1.0.0RC5.2. The vulnerability allows remote attackers to trigger a denial of service (daemon crash) and potentially execute arbitrary code by sending a crafted string to TCP ...

CVE-2013-3563

Stack-based buffer overflow in dbnetserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted string to TCP port 8001...

Microsoft SQL Server STARTTLS Support

The remote Microsoft SQL Server service supports the use of encryption initiated during pre-login to switch from a cleartext to an encrypted communications channel. TRUSTED...

[aidSQL] A tool that will aid you when trying to find vulnerable spots in your site

Is a PHP application provided for detecting security holes in your website/s. It's a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. 2013-05-27 NEW aidSQL Release which supports MS SQL SERVER 2000 Database injection and reverse...

Firebird Relational Database CNCT Group Number Buffer Overflow

This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The...

Firebird Relational Database CNCT Group Number Buffer Overflow

This module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The vulnerability...

Nmap NSE 6.01: ms-sql-info

Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from 'mssql.username' & 'mssql.password'. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script...

Microsoft SQL Server Unsupported Version Detection

According to its self-reported version number, the installation of Microsoft SQL Server on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...